package com.hzw.saas.web.sso.security;

import com.hzw.saas.api.user.enums.UserStatusEnum;
import com.hzw.saas.common.config.util.MybatisPlusUtil;
import com.hzw.saas.common.security.pojo.dto.SaasUser;
import com.hzw.saas.common.util.AccountValidatorUtil;
import com.hzw.saas.web.sso.exception.UsernamePasswordErrorException;
import com.hzw.saas.web.sso.pojo.model.UserAccount;
import com.hzw.saas.web.sso.service.IUserAccountService;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;

import java.util.Collection;

/**
 * @author sonam
 * @sine 2021/10/28 5:33 下午
 */
@Slf4j
@Component
@RequiredArgsConstructor
public class UserDetailServiceImpl implements UserDetailsService {

    private final IUserAccountService userAccountService;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        UserAccount userAccount = null;
        // 验证用户名
        if (userAccount == null) {
            userAccount = userAccountService.lambdaQuery()
                .ne(UserAccount::getStatus, UserStatusEnum.DELETED.getCode())
                .eq(UserAccount::getUserName, username)
                .last(MybatisPlusUtil.LIMIT_1)
                .one();
        }
        // 验证邮箱
        if (AccountValidatorUtil.isEmail(username)) {
            userAccount = userAccountService.lambdaQuery()
                .ne(UserAccount::getStatus, UserStatusEnum.DELETED.getCode())
                .eq(UserAccount::getEmail, username)
                .last(MybatisPlusUtil.LIMIT_1)
                .one();
        }
        // 验证手机号
        if (userAccount == null && AccountValidatorUtil.isMobile(username)) {
            userAccount = userAccountService.lambdaQuery()
                .ne(UserAccount::getStatus, UserStatusEnum.DELETED.getCode())
                .eq(UserAccount::getPhoneNo, username)
                .last(MybatisPlusUtil.LIMIT_1)
                .one();
        }
        if (userAccount == null) {
            userAccount = userAccountService.lambdaQuery()
                .ne(UserAccount::getStatus, UserStatusEnum.DELETED.getCode())
                .eq(UserAccount::getUserId, username)
                .last(MybatisPlusUtil.LIMIT_1)
                .one();
        }
        if (userAccount == null) {
            throw new UsernamePasswordErrorException("用户或密码不正确");
        }
        Collection<? extends GrantedAuthority> authorities
            = AuthorityUtils.createAuthorityList(getUserPermissions(userAccount.getUserId()));

        return new SaasUser(userAccount.getUserId(), userAccount.getUserName(), userAccount.getPhoneNo(),
            userAccount.getEmail(), 1
            , userAccount.getPassword(), userAccount.getStatus() == 1, authorities);
    }

    private String[] getUserPermissions(String userId) {
        return new String[]{};
    }
}
